An information disclosure vulnerability exists in the latest version of transformeroptimus/superagi. An attacker can leak sensitive user information, including names, emails, and passwords, by attempting to register a new account with an email that is already in use. The server returns all information associated with the existing account. The vulnerable endpoint is located in the user registration functionality.
                
            Metrics
Affected Vendors & Products
References
        History
                    Fri, 18 Jul 2025 20:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Superagi Superagi superagi | |
| CPEs | cpe:2.3:a:superagi:superagi:0.0.14:*:*:*:*:*:*:* | |
| Vendors & Products | Superagi Superagi superagi | 
Thu, 20 Mar 2025 19:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Thu, 20 Mar 2025 10:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | An information disclosure vulnerability exists in the latest version of transformeroptimus/superagi. An attacker can leak sensitive user information, including names, emails, and passwords, by attempting to register a new account with an email that is already in use. The server returns all information associated with the existing account. The vulnerable endpoint is located in the user registration functionality. | |
| Title | Information Disclosure in transformeroptimus/superagi | |
| Weaknesses | CWE-359 | |
| References |  | |
| Metrics | cvssV3_0 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: @huntr_ai
Published: 2025-03-20T10:09:43.452Z
Updated: 2025-03-20T18:35:34.840Z
Reserved: 2024-10-22T21:58:15.811Z
Link: CVE-2024-10267
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-03-20T17:53:18.262Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2025-03-20T10:15:15.607
Modified: 2025-07-18T19:57:36.253
Link: CVE-2024-10267
 Redhat
                        Redhat
                    No data.